atsecPlease note the missing
categories. Are they reserved for e-medical, e-banking,
e-driver's license, visas, digitized biometrics,
and other data, etc. ? Time will tell.

1. PIV -- Personal Identification
Verification cards mandated for all Federal Government
employees Fed- Gov. employees to begin smart card IDsThe U.S. government will soon be issuing new,
high-technology identification cards to more than ten million
people in the federal work force. The move is prompting a debate
over whether the work I.D.s represent the first
step toward a national identification card.http://www.voanews.com/english/AmericanLife/2006-10-02-voa32.cfm2. PIV for STATE and LOCAL Government employees begins http://www.gcn.com/online/vol1_no1/42410-1.html

3. PIV for Businesses, Industry,
Companies, Corporations in the Public Sector

4.. REAL ID -- for all citizens ; an upgraded smart Driver's
license

ONE Card for everything
The final operation of this e-ID smart card is to be Multi-functional, particularly for e-banking
( eft electronic fund transfer ). And it will also be used as a
health card, visa, driver's license, etc.
The e-ID smart card is capable of adding many new functions while it is in use, without any observable changes, because of the
microprocessor and because of the back end software.
That means that each time one places their smart card into a
termional, data is being received AND transmitted from the many
interconnecting databases that keep a running profile on each
citizen in real-time. Facts about the owner are constantly
updated. And not only that, but new applications / functions are
added to the chip's abilities that weren't there previously, due
to the backend software that enhances the chips capabilities while
out in the field. That means that there is
no need to get a new chip. It is automatically morphed for you
while in use. Not only is this an added convenience, but it is
also an added pitfall.

Each time an e-ID card interacts with a terminal ( POS point of
sale etc.) new data is continuously upgraded on your chip-card.
The profiling gets more and more detailed , and is communicated
between many databanks.

For instance ... has your card tabulated that you bought cookies
at the grocery store ?
There goes your insurance to cover diabetes.
It says you bought potatoe chips? Too much salt for your blood
pressure !
You will have to pay for pharmaceuticals out of your own pocket.
Buying more than the ususal amount of groceries ? Perhaps someone
is living with you.
You smoke ? Insurance possibly denied ; and so on, and so on.

While most articles say that the PIV smart card with PKI
infrastructure is for Government employees, the more recent
articles are stating that the PIV cards are required for
government services. ( See ActivIdentity below )
So ..... will we be
required to have these e-ID cards ? Yes. Beginning in 2008."Yesterday came suddenly " -- Beatles

1.PIV Cards
: First, for Federal Government employees ( DoD etc. )
Next, PIV cards for STATE and LOCAL employees Federal , State and Local
Government employees
"...all government employees
are told that they must begin deploying e-ID cards for
"interoperability" .. which means that only these cards
will give the authorized holder access to their building where
they are employed, or to any government building for services.And it will also allow them to have computer access,
upon verification. Without that smart ID card, there will be no
building or computer access. It will become "ACCESS
DENIED".

Latest update : "...over the next several
months, agencies will be scheduled to place their orders and get
their cards. The goal is to issue cards to all participating
agencies within 24 months,
[ Ed: by Sept. 2008 ] said Chris Niedermayer, steering committee chairman
and associate CIO of the Agriculture Department.
Issuing the cards is only the beginning of the HSPD-12 equation,
however. Even agencies signed up with GSA or another
shared-services provider are on their own to acquire the
appropriate card readers and infrastructure to use the cards,
officials said. Everyone is focusing on the next date, but
it is really a much larger initiative were trying to
achieve, Kareis said. http://www.washingtontechnology.com/news/21_18/federal/29323-1.htmlGSA to approve PIV ( Personal
Identity Verification ) cards Among these is a new Personal Identity Verification (PIV)
ID card. The standards for the PIV cards have been in development
since HSPD-12s release, guided by the
National Institute of Standards and Technology (NIST).
The HSPD-12 mandate requires all federal agencies to switch to
these PIV cards to raise the level of identity verification and security across
government. http://www.secureidnews.com/library/2006/05/18/new-government-smart-id-cards-slowly-coming-along/

Interoperability for Multiple Applications : ActivIdentity FREMONT, Calif., Oct. 3 /PRNewswire-FirstCall/ --
ActivIdentity Corporation (NASDAQ: ACTI) , a global leader in
digital identification for government and enterprise, today
announced its plan to support the emerging ISO/IEC 24727 smart
card interoperability framework standard as it is finalized and
approved by the International Organization for Standardization
(ISO). By extending its industry leading smart card software to
support ISO/IEC 24727, ActivIdentity continues its strategy of
support for global industry standards to ensure application
interoperability across multiple standards and provide a
migration path for organizations looking to implement secure,
cost-effective authentication solutions based on this emerging
standardAs a result, our applications support multiple
standards, provide a clear path for our customers to make post issuance
field upgrades of the card and support new standards as they
emerge."Editor ISO 24727 Part 5. "I am glad to see commercial company leaders in this market,
acknowledge the usefulness of this effort and decide to endorse
such an architecture in their product line."About ISO 24727
ISO/IEC 24727 is a set of programming interfaces for interactions
between integrated circuit cards and external applications to
include generic services for multi-sector
use. The organization and the operation of
the ICC conform to ISO/IEC 7816-4.
It consists of five parts:Part 1: Architecture, Part 2: Generic card interface,
Part 3:
Application interface, Part 4: API administration and Part 5:
Testing procedure.

Part 1 is approved; Parts 2-4 are expected to be approved during
2007 and Part 5 is likely to be approved in 2008.
National Institute of Standards and Technology (NIST) is leading
the US contribution of this worldwide ISO standard through ANSI.
Australia is proposing to use ISO/IEC 24727 as a common framework
for multiple large scale smart card projects, including the
Queensland Drivers License Program and the Australian Government
Access Card project. In Europe the European Citizen Card standard
Cent/TS 15480 is endorsing its use.http://sev.prnewswire.com/computer-software/20061003/SFTU05603102006-1.html

Federal Compliance by due
date GSA still hopes to approve at least three products
in each of the 22 categories, but Temoshok said some
content areas will not be approved in time because they are not
critical for agencies meeting the deadline.http://www.gcn.com/online/vol1_no1/42034-1.html

BACK END SOFTWARE : PIVMAN PIVMAN: real time updates in the field for
those on "watch list" and everyone else too The product consists of server software that
keeps track of the status of credentials and handheld computers
that are continually updated with current information and that
can be used in the field.http://www.cardtechnology.com/article.html?id=20060921S6L4Z1QG

PIVMAN for first
responders
( police, fire,
ambulance)
The PIVMAN is a mobile identification checking
system[ Ed: current updates ] that
supports the federal governments new FIPS-201-standard
Personal Identity Verification cards, plus a slew of
others. Such solutions are increasingly important. Access control
is straightforward at established entry points such as doors, but
in a disaster, how can agencies ensure first responders should
have access to a site? http://www.gcn.com/print/25_28/41987-1.html

CoreStreet's PIVMAN
The PIVMAN System collects this information, links it
to the cardholder identity, and distributes the data
to handheld devices in the field.
Those tasked with site management use the information displayed
on-screen when making access decisions.
"PIVMAN offers organizations a way to set up secure
perimeters on the fly.
When an event happens, they need to ensure that the right
personnel get to the right locations," added Broderick.
"No other technology on the market today can use the FIPS
201 infrastructure to ensure both security and access without
relying on network connections. The reality is, a network
connection is not always available."

The PIVMAN System has played a key role in recent homeland
security exercises run by the DHS ... . The exercises
demonstrated that individuals from multiple organizations and
jurisdictions could have the status of their government-issued
smart credentials accurately checked and logged during an
emergency in which communications channels were unavailable. The
logs generated by the PIVMAN Handhelds were then used to create
comprehensive audit trails and after-action reports. In addition
to FIPS 201 cards, the types of credentials employed as part of
these exercises included
the Department of Defense Common Access Card (CAC),
Transportation Worker Identification Credential (TWIC),
First Responder Authentication Credential (FRAC), and
Mariner Administrative Card (MAC). http://business.itbusinessnet.com/articles/viewarticle.jsp?id=64386

"...ALL citizens must carry an e-ID smart card on
their person at all times.
The REAL ID ACT of 2005 mandates that all Americans must carry an
e-ID smart card by 2008.
That would include a smart driver's license. Besides being
"interoperable", these smart cards will be multi-functional,
meaning they will be used for the following : identification
purposes, for visas, for transportation, for driver's licenses,
for medical / health records ( accessing files and databases) ,
and they will access your bank account for eft ( electronic funds
transfer .. becoming a cashless society) ; It will be for all
commerce and financing. The REAL ID smart card will also have
building and computer ( logic) access. The REAL ID smart card
willbe the
ONLY card that a citizen needs, in order to
transact everything and anything in his or her's life time. It is
a person's number for life.

So already, all of us are well on our way to being tracked,
controlled and numbered for life.
Every transaction we make will be monitored. If ever the time
comes that we are considered "politically incorrect",
our cards will no longer be operable, and they will generate
"ACCESS DENIED" in every POS terminal, or wherever
applied. Just as 911 was a major turning point in our lives, so
will 1027 be a major turning point in our lives.

Health and Financial Sectors
"millions more of the IDs will be put into the hands of
workers outside the government sector.
First up will be the types of companies you might expect,
including government contractors and so-called first responders
who interact with federal agencies and law enforcement officials
who already carry smart cards, said Jason Hart, chief executive
of ActivIdentity, whose software was chosen to support the 3.5
million HSPD cards being distributed by the Department of
Defense.
Beyond those workers Hart contends that security-oriented
industries such as the health care and
financial services sectors will soon begin handing out
smart cards to end users to replace more traditional forms of
authentication. http://www.eweek.com/article2/0,1759,2043085,00.asp?kc=EWYH104039TX1B0000665http://www.eweek.com/article2/0,1895,2043370,00.asp

HSPD 12 ( Homeland Security Presidential Directive 12 ) mandates
that all Federal employees must have an e-ID smart card. Although
this was issued by the U.S. government, it is
the standard of operation around theworld
. Each and every Government -- in both hemispheres ---is
complying with HSPD 12 and also FIPS 201 to have "open"
systems that can function anywhere and everywhere around the
planet. That means that a Swedish e-ID card will be just as
multi-functional in the U.S. as in anyplace ( and visa-versa).

Sweden
complies with US directive HSPD 12: "Match-On-Card" The company is launching its smart card solution,
Precise Match-On-Card, in a version compliant with the US Federal
government standard, American National Standards
Institute (ANSI 378). The standard is an important
requirement in implementing the US Federal Government Homeland
Security Presidential Directive 12 (HSPD-12) and the
closely aligned Federal Information Processing Standards
201 (FIPS 201). By fall this year all US Government
agencies must initiate the deployment of smart card based ID
cards, the so called PIV (Personal Identity Verification)
Cards.

"The Precise Match-on-CardT
technology adjusted for the standard ANSI 378 takes biometric
security and convenience one step further by performing the
actual fingerprint match within the tamper-proof environment of a
smart card. This reduces the vulnerability of matching on a
network-connected device, an external server, or a database -
normally considered weak links in the security chain." [ Ed: offline authentication]

Already, the people of the Netherlands are carrying e-ID smart
cards and cannot leave home without one.

Already the Far Eastern Nations are well advanced in e-ID smart
card operations. There is not a nation upon this earth that is
not working toward this goal.

Here is an example of the first stage of deployment in the
Philippines. .... state workers"People's
ID Card " --- First for Gov. employees, then the people --
Ed: numbered for life" NSO Administrator Carmencita Ericta in an interview
said that after the pilot testing in the two
agencies, they are targeting to implement the
new ID system to the entire 1.5 million state
employees.
She said the new ID will be the "primary identifier of a
person transacting business with government" and will solve
the problem of "assumed identity
"All the ingredients are now present for a garrison state
...The identification card
would help gain access to health insurance, pensions, housing
loans and help those seeking work overseas. The card stores some
of the owner's physical characteristics, including fingerprints,
to give a definitive identification of the person presenting it.
"Isn't it better to just have one ID that you can use
for all your transactions with the
government instead of having a wallet bursting with so many IDs
that you need?" she saidhttp://newsinfo.inq7.net/breakingnews/nation/view_article.php?article_id=16869

ActivIdentity -- "for
accessing government resources globally"
The National Institute of Standards and Initiatives (NIST)
responded to HSPD-12 by issuing FIPS 201, which identifiedsmart cards as the device to be used to
provide the security and rapid electronic authentication to
verify the identity of individualsaccessing
government resources globally. The rapidly
approaching October 27, 2006 deadline for HSPD-12 mandates
government agencies to deploy FIPS 201-certified
Personal Identity Verification (PIV) cards,
which incorporate identity assurance and strong authentication
practices utilizing PKI and biometric fingerprint credentials on
a single cryptographic smart card for increased security of both
facility and network access.http://www.secureidnews.com/news/2006/09/13/actividentys-fips-201-certified-products-gain-major-industry-partners/

Gemplus and HSPD 12
[ Homeland Sec. Presidential Directive ... same as executive
order ] FIPS 201 = Federal
Information Processing System [ encryption] LUXEMBOURG and ARLINGTON, Virginia, May 10
/PRNewswire/ -- Gemplus International S.A.
(Euronext: LU0121706294 - GEM, NASDAQ: GEMP), a leading provider
of secure card solutions, announces the launch of its SafesITe
Government solution compliant with the US federal government's
FIPS 201 regulations. Gemplus' solution will enable
federal agencies to meet the HSPD-12 requirements for
interoperability for government employees and contractors to
access federal buildings and IT networks. As set
forth in the presidential directive and regulations, all federal
agencies must start to issue FIPS 201 compliant identity
credentials by October 26 2006. http://sev.prnewswire.com/computer-electronics/20060510/3159432en-1.html

HID global : smart card readersIRVINE, Calif.--(BUSINESS WIRE)--HID Global, a
leading manufacturer in the access
control industry, today announced that its
iCLASS® R10, R30, R40, RK40 and RP40 model access
control readers have been approved by U.S. General
Services Administration (GSA) as Transparent Contactless Readers
for their FIPS 201 Approved Products List. The certifications now
enable HID Global to provide government agencies and other
organizations with a trusted source for FIPS 201 certified
contactless smart card readers. In addition to these readers, HID
Global has also received approval on the iCLASS OEM 150 module to
assist manufacturers in embedding HIDs FIPS 201 approved products
into their own

smart-chip now 1/2 as thin NXP Semiconductors, the
new semiconductor company founded by Philips, has come up with a
new chip design that is finer than a human hair, or a sheet of
paper. The development means that more protective material can be
incorporated into the overall package..........which is 50 percent thinner than the current industry
standard for smart card ICs.

The new chip also enables the design of further security features
such as additional layers for laser engraving.
Alternatively, designers can create new
applications which are much thinner than was
previously possible

Smart Card Alliance helps government
deploy new System In order to aid organizations with the physical access control system (PACS)
aspect of the implementation, the Smart Card Alliance Physical Access Council released a
new white paper today :
"Considerations for the Migration of Existing
Physical Access Control Systems to Achieve FIPS 201
Compatibility".
Additional Smart Card Alliance educational resources that support
FIPS 201 implementation will soon be announced.
Smart cards and readers are just the tip of the iceberg in FIPS
201 deployments. Government agencies need to consider new
enrollment and issuance systems, as well as PACS changes and
integration with back-end authentication systems," said Lars
Suneborn, director, government programs, Hirsch Electronics and
Smart Card Alliance Physical Access Council lead for the project.
http://www.govtech.net/magazine/channel_story.php/101214

Enabling
Microsoft for PKI- PIV cards --TC Trust CentreTC Enterprise ID Version 2007 includes a full set
of features enabling integration with a Microsoft CA to allow
auto enrollment of users. TC Enterprise ID 2007
allows organizations to simplify PKI rollouts by allowing
administrators to automatically apply for, issue and integrate
digital certificates for all users of Microsoft Windows
applications.The principle of interoperability
with leading smart card printers and makers
means that the SmartCard Manager
can be adapted on-site to issue personalized cards and
integrate company-specific databases and workflows.http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=104&STORY=/www/story/08-02-2006/0004408683&EDATE=

Contactless .. 4 inches awayThe interface for both contact and contactless
readers must conform to the Personal Computer/Smart Card format.
The contactless readers, which use radio frequency to read the
cards smart chip, will not be able to read a PIV card more
than 10 centimeters, or about 4 inches, from the reader.
NIST also released a fresh draft of SP 800-76-1, titled Biometric
Data Specification for Personal Identity Verification, for public
comment. SP 800-76 sets out specifications for the biometric
components of Federal Information Processing Standard 201, the
overarching standard for PIV cards. http://www.gcn.com/print/25_29/42047-1.html

Probaris PIV enrollment moduleMost importantly, the Enrollment Module is built to
support the same high security features as SP, including smart
cardauthentication, separation of roles,
authorization and digital signature support.
When using the SP system, an Enrollment Officer authenticates
using their PIV smart card and their authorization to act in that
role is verified. The enrollment data is then digitally signed
using the Enrollment Officers' PKI certificate, and securely
transmitted back to Probaris SP.http://photography.consumerelectronicsnet.com/articles/viewarticle.jsp?id=63549